fix: withdraw gas tokens from swap

[fadeev]

Fixed approval for when the target is a gas token.

Localnet

yarn hardhat compile --force

yarn hardhat deploy --name SwapToAnyToken --network localhost

ETH to USDC:

npx hardhat evm-deposit-and-call --amount 1 --receiver 0x67d269191c92Caf3cD7723F116c85e6E9bf55933 --network localhost --types '["address", "bytes", "bool"]' 0x9fd96203f7b22bCF72d9DCb40ff98302376cE09c 0x4955a3F38ff86ae92A914445099caa8eA2B9bA32 true

USDC to ETH:

npx hardhat evm-deposit-and-call --amount 1 --erc20 0x0DCd1Bf9A1b36cE34237eEaFef220932846BCD82 --receiver 0x67d269191c92Caf3cD7723F116c85e6E9bf55933 --network localhost --types '["address", "bytes", "bool"]' 0x91d18e54DAf4F677cB28167158d6dd21F6aB3921 0x4955a3F38ff86ae92A914445099caa8eA2B9bA32 true
Transaction hash: 0x73cad5bbc78e36ddf1f8e381eefa700697609c76572814e5c3aefc4266078f74

Depends on zeta-chain/localnet#32

Summary by CodeRabbit

• New Features

  • Enhanced approval logic for token swaps, allowing for combined approvals based on conditions.
  • Improved withdrawal process with better error handling and structured management of token withdrawals.

• Bug Fixes

  • Updated dependencies to newer versions, potentially resolving existing issues and enhancing functionality.

• Chores

  • Removed unnecessary imports from Hardhat configuration to simplify the setup.

[coderabbitai]

Walkthrough

Walkthrough

The pull request introduces modifications to the approval and withdrawal logic in the Swap and SwapToAnyToken contracts. Key changes include conditional checks to determine if gasZRC20 matches params.target, which alters the token approval process. Additionally, the withdrawal logic in SwapToAnyToken has been encapsulated in a new function call, enhancing error handling and control over token management during the swap process.

Changes

Files	Change Summary
universal/swap/contracts/Swap.sol	The approve function logic is modified to conditionally approve the gatewayAddress based on whether gasZRC20 equals params.target, altering how amounts are managed during swaps.
universal/swap/contracts/SwapToAnyToken.sol	The withdrawal logic is enhanced with a conditional check similar to Swap, and the withdrawal process is encapsulated in a new function call to IGatewayZEVM(gatewayAddress).withdraw, improving error handling and control over withdrawals.
universal/hello/package.json	Updated the version of @zetachain/localnet from ^2.0.0 to 3.0.2, indicating a shift to a newer version of the package.
universal/hello/hardhat.config.ts	Removed the import statements for evmDepositAndCall, evmDeposit, evmCall, and zetachainCall, simplifying the Hardhat configuration.
universal/swap/package.json	Updated versions of dependencies: @zetachain/localnet from ^2.0.0 to 3.0.2 and @zetachain/toolkit from ^10.0.0 to 13.0.0-rc2.

Possibly related PRs

• feat: added ability to swap token on and from ZetaChain #186: The changes in the Swap and SwapToAnyToken contracts involve modifications to the approval logic and handling of token amounts, which are conceptually similar to the changes made in the main PR regarding the conditional checks for gasZRC20 and params.target.
• Swap: add Solana interact task #192: The modifications in the Swap and SwapToAnyToken contracts include updates to the handling of parameters and function calls, which relate to the changes in the main PR that also focus on the approval and withdrawal logic based on conditional checks.
• Added tasks to Hello example and migrated Swap to gateway #195: The migration of the Swap contract to utilize the gateway indicates a structural change in how swaps are processed, which aligns with the main PR's focus on enhancing the approval logic and control flow in the Swap contract.

---

Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between c60689d and d3f4bab.

Files ignored due to path filters (2)

• universal/hello/yarn.lock is excluded by !**/yarn.lock, !**/*.lock
• universal/swap/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

Files selected for processing (2)

• universal/hello/package.json (1 hunks)
• universal/swap/package.json (1 hunks)

Files skipped from review as they are similar to previous changes (2)

• universal/hello/package.json
• universal/swap/package.json

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between ae9e49f and 9a7050e.

Files selected for processing (2)

• universal/swap/contracts/Swap.sol (1 hunks)
• universal/swap/contracts/SwapToAnyToken.sol (1 hunks)

Additional comments not posted (2)

universal/swap/contracts/Swap.sol (1)

78-83: Optimize token approvals with conditional logic.

The changes introduced in the approval logic are a good optimization to reduce the number of transactions and potentially save on gas costs. However, consider the following improvements:

1. Edge Case Handling: Ensure that there are checks for cases where amount might be less than gasFee, which could lead to underflows. Although Solidity 0.8.26 prevents underflows, explicit validation can prevent logical errors.
2. Race Conditions: The direct use of the approve method can be susceptible to race conditions. Ensure that these scenarios are handled correctly, possibly by using the increaseAllowance method or ensuring that the contract's state cannot be altered in unexpected ways between calls.

universal/swap/contracts/SwapToAnyToken.sol (1)

93-110: Enhance withdrawal logic with conditional approvals and structured error handling.

The modifications to the withdrawal logic introduce more granular control and improve error handling capabilities. Consider the following improvements:

1. Edge Case Handling: Ensure that all edge cases, such as when amount is less than gasFee, are handled correctly to prevent logical errors or underflows.
2. Security Considerations: Review the entire flow to ensure that the new logic does not introduce security vulnerabilities, especially in the handling of approvals and state changes.